1dc728923Sopenharmony_ciFrom 508b1b57f73a49effc975731f8b76325d45b0e0f Mon Sep 17 00:00:00 2001 2dc728923Sopenharmony_ciFrom: zhanchengbin <zhanchengbin1@huawei.com> 3dc728923Sopenharmony_ciDate: Fri, 18 Mar 2022 00:02:50 +0800 4dc728923Sopenharmony_ciSubject: [PATCH] e2fsck: handle->level is overflow in ext2fs_extent_get. 5dc728923Sopenharmony_ci 6dc728923Sopenharmony_ciIn function check_blocks_extents, program call scan_extent_node recursively until 7dc728923Sopenharmony_cileaf extent is found, and if this leaf extent is the last one in this extent_idx, 8dc728923Sopenharmony_ciit will delete the parent extent_idx of this leaf extent in ext2fs_extent_delete, 9dc728923Sopenharmony_ciand do handle->level--. After scan_extent_node return, program allways to get up extent, 10dc728923Sopenharmony_cibut level was already decreased. 11dc728923Sopenharmony_ciSo calling ext2fs_extent_get(EXT2_EXTENT_UP) again will return EXT2_ET_EXTENT_NO_UP, 12dc728923Sopenharmony_ciand then print failed. 13dc728923Sopenharmony_ci 14dc728923Sopenharmony_ciSigned-off-by: zhanchengbin <zhanchengbin1@huawei.com> 15dc728923Sopenharmony_ci--- 16dc728923Sopenharmony_ci e2fsck/pass1.c | 7 +++++++ 17dc728923Sopenharmony_ci lib/ext2fs/ext2fs.h | 1 + 18dc728923Sopenharmony_ci lib/ext2fs/extent.c | 5 +++++ 19dc728923Sopenharmony_ci 3 files changed, 13 insertions(+) 20dc728923Sopenharmony_ci 21dc728923Sopenharmony_cidiff --git a/e2fsck/pass1.c b/e2fsck/pass1.c 22dc728923Sopenharmony_ciindex 26b9ab71..3d698934 100644 23dc728923Sopenharmony_ci--- a/e2fsck/pass1.c 24dc728923Sopenharmony_ci+++ b/e2fsck/pass1.c 25dc728923Sopenharmony_ci@@ -3074,11 +3074,18 @@ report_problem: 26dc728923Sopenharmony_ci } 27dc728923Sopenharmony_ci } 28dc728923Sopenharmony_ci } 29dc728923Sopenharmony_ci+ 30dc728923Sopenharmony_ci+ int level_bak = ext2fs_current_level_get(ehandle); 31dc728923Sopenharmony_ci+ 32dc728923Sopenharmony_ci scan_extent_node(ctx, pctx, pb, extent.e_lblk, 33dc728923Sopenharmony_ci last_lblk, eof_block, ehandle, 34dc728923Sopenharmony_ci next_try_repairs); 35dc728923Sopenharmony_ci if (pctx->errcode) 36dc728923Sopenharmony_ci return; 37dc728923Sopenharmony_ci+ 38dc728923Sopenharmony_ci+ if (level_bak != ext2fs_current_level_get(ehandle)) 39dc728923Sopenharmony_ci+ return; 40dc728923Sopenharmony_ci+ 41dc728923Sopenharmony_ci pctx->errcode = ext2fs_extent_get(ehandle, 42dc728923Sopenharmony_ci EXT2_EXTENT_UP, &extent); 43dc728923Sopenharmony_ci if (pctx->errcode) { 44dc728923Sopenharmony_cidiff --git a/lib/ext2fs/ext2fs.h b/lib/ext2fs/ext2fs.h 45dc728923Sopenharmony_ciindex 68f9c1fe..d0468f11 100644 46dc728923Sopenharmony_ci--- a/lib/ext2fs/ext2fs.h 47dc728923Sopenharmony_ci+++ b/lib/ext2fs/ext2fs.h 48dc728923Sopenharmony_ci@@ -1333,6 +1333,7 @@ extern errcode_t ext2fs_extent_open2(ext2_filsys fs, ext2_ino_t ino, 49dc728923Sopenharmony_ci extern void ext2fs_extent_free(ext2_extent_handle_t handle); 50dc728923Sopenharmony_ci extern errcode_t ext2fs_extent_get(ext2_extent_handle_t handle, 51dc728923Sopenharmony_ci int flags, struct ext2fs_extent *extent); 52dc728923Sopenharmony_ci+extern int ext2fs_current_level_get(ext2_extent_handle_t handle); 53dc728923Sopenharmony_ci extern errcode_t ext2fs_extent_node_split(ext2_extent_handle_t handle); 54dc728923Sopenharmony_ci extern errcode_t ext2fs_extent_replace(ext2_extent_handle_t handle, int flags, 55dc728923Sopenharmony_ci struct ext2fs_extent *extent); 56dc728923Sopenharmony_cidiff --git a/lib/ext2fs/extent.c b/lib/ext2fs/extent.c 57dc728923Sopenharmony_ciindex b324c7b0..07acd4e0 100644 58dc728923Sopenharmony_ci--- a/lib/ext2fs/extent.c 59dc728923Sopenharmony_ci+++ b/lib/ext2fs/extent.c 60dc728923Sopenharmony_ci@@ -575,6 +575,11 @@ retry: 61dc728923Sopenharmony_ci return 0; 62dc728923Sopenharmony_ci } 63dc728923Sopenharmony_ci 64dc728923Sopenharmony_ci+int ext2fs_current_level_get(ext2_extent_handle_t handle) 65dc728923Sopenharmony_ci+{ 66dc728923Sopenharmony_ci+ return handle->level; 67dc728923Sopenharmony_ci+} 68dc728923Sopenharmony_ci+ 69dc728923Sopenharmony_ci static errcode_t update_path(ext2_extent_handle_t handle) 70dc728923Sopenharmony_ci { 71dc728923Sopenharmony_ci blk64_t blk; 72dc728923Sopenharmony_ci-- 73dc728923Sopenharmony_ci2.27.0 74dc728923Sopenharmony_ci 75